Machine Learning 


Machine Learning as a Tool 


Machine Learning as a Tool for Societal 
Exploitation 


A Summary on the Current and Future 
State of Affairs 


A Bit About Me 


(I'm going to pretend you care) 


FiFicin 


- Student at Columbia 


University In New York 
- Independent Researcher 
- Mostly focus on malware 


- Probably younger than 
you think 


- | want to hack a human 


one day (Judge all you 
want) 


Current State 


The Common and the Uncommon 


Standard Uses 
(generally beneficial, sometimes concerning) 


The „Human“ Side 


- Financial Trading 


- Sports Injuries - [courtesy 
of Quantum Black] 


The „Technical“ Side 


Data Security 


- Antivirus Software 


- Endpoint Detection 
Systems 
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The „Technical“ Side 


Data Security 


: Antivirus Software ES 
19% 
we? 
- Endpoint Detection a 
Systems 80 (2) 
ER 
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Uncommon Uses 
(usually concerning, generally cool) 
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Crazy Dystopian S**t 


Ambient Sound Mapping 


- Determine precise location and orientation through 
microohone-embedded devices [without consent] 


Individual Profiling 
- Recreating the human based on digital fingerprints 
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Ambient Sound Mapping 
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Crazy Dystopian S**t 


Ambient Sound Mapping 


Determine precise location and orientation through 
microohone-embedded devices [without consent] 


Individual Profiling 
Recreating the human based on digital fingerprints 
- Actually more common than | give it credit for 
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Individual Profiling 
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The Future of Attack 


FIRST THING TO REMEMBER 
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Alis NOT Attackproof 


("m sure you know this) 
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Alis NOT Attackproof 


- Attack" isn't limited to 


using Al aS a weapon 
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Alis NOT Attackproof 


- „Attack“ Isn't limited to 
using Al as a weapon 


- Attack" can mean attacks 
targetted towards Al 
systems 
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Al as a Weapon 
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Current Experiments / 
Research / 
whatever you want to call it 
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„Whatever you want to call it“ 


- Wargames - [courtesy of Endgame] 
- Intelligent Malware 


- Adapting to a changing environment 


2424 


Attacks on Al Systems 
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ean 


This is not what 1 Typically Do 
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This is not what 1 Typically Do 


ean 


- Accidentally joining an Al-based IDS research group 
drags you Into things 
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This is not what 1 Typically Do 


ean 


- Accidentally joining an Al-based IDS research group 
drags you Into things 

- Saying you're interested in malware makes people 
think you write It for fun (and no profit) 
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This is not what 1 Typically Do 


ean 


- Accidentally joining an Al-based IDS research group 
drags you Into things 


- Saying you're interested in malware makes people 
think you write It for fun (and no profit) 


SO you're put in the attack/testing team 
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This is not what 1 Typically Do 


ean 


- Accidentally joining an Al-based IDS research group 
drags you Into things 


- Saying you're interested in malware makes people 
think you write It for fun (and no profit) 


- So you're put In the attack/testing team, and then you 
realize you actually like It 
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What Can We Do? 


- The research scenario and its limitations 
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What Can We Do? 


- The research scenario and its limitations 


- Let's remember things that happened throughout the 
weekend. 
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What Can We Do? 


- The research scenario and its limitations 


- Let's remember things that happened throughout the 
weekend. (and things coming up) 


- What else IS can be treated In a similar manner? 
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Attacking the Human 


(one of my goals, but kind of far-fetched at the moment) 
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The Future of 
Defense 


Tricking Al in Practice 
(and why this is importatnt for defense mechanisms) 
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The Overlaps 


, a Eu N ektack and defense 


Like any other tool, Al can be used on both ends of the 
spectrum, sometimes without much modification 
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Defense for the Common Man 


(Attack against the algorithm) 
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A Sample of Defense : 


Avoiding Identification 
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We Have Seen This Before 
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Demo time ? 


